Qualys vulnerability scans

The Qualys scanner must be configured using its GUI, as described in the Qualys documentation.  Once it is configured, you can use the NetProfiler Administration > Integration > Vulnerability Scanning page to select among certain options that are configured on the Qualys scanner. The NetProfiler must have external https access to qualysapi.qualys.com.  (Note: This is separate from qualysguard.qualys.com.)

To configure Quick scans and Deep scans by a Qualys scanner:

1. Go to the Administration > Integration > Vulnerability Scanning page.

2. Select the Quick Scan or Deep Scan tab, as applicable.

3. Select Qualys from the Scanner list box.  (The Host name and Port fields do not apply to Qualys and therefore are disabled.)

4. Click Apply.  

5. Use the Authentication and Settings buttons to open pages for specifying the remaining information.

Notes on Settings

Option Profile – Select a Qualys profile to determine how the scan is run.

Scan Appliance – If there are multiple scanners under the control of the Qualys software, select the one that is to run the scan. Alternatively, leave this field blank to use the default scanner.  Note that the Qualys default scanner can access only public IP addresses.

Automatic vulnerability scanning

Manually initiating a vulnerability scan

Types of vulnerability scans

Vulnerability scans